web-application-security-testing

Solid

OWASP Top 10 testing, injection vulnerability detection, API security assessment, authentication testing, and web vulnerability reporting for authorized assessments

Testing & QA 47 stars 3 forks Updated today MIT


Quality Score: 89/100

Stars (20%): 56
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 100
Description (5%): 100

Skill Content

# Web Application Security Testing

## Purpose

Enable Claude to assist with comprehensive web application security assessments covering OWASP Top 10, injection testing, API security, authentication analysis, and client-side security. Claude analyzes application behavior, generates test payloads, reviews source code, and produces structured vulnerability reports.

> **Authorization Required**: All testing must be performed on authorized targets only. Confirm scope and written authorization before testing.

---

## Activation Triggers

This skill activates when the user asks about:

- OWASP Top 10 testing or assessment methodology
- SQL injection, XSS, SSRF, SSTI, command injection testing
- API security testing (REST, GraphQL, SOAP)
- Authentication bypass, session management flaws
- Web application firewall (WAF) bypasses for authorized testing
- CORS, CSP, or security header analysis
- OAuth/OIDC security review
- JWT analysis or manipulation
- Burp Suite or OWASP ZAP usage guidance
- Web vulnerability report writing

---

## Prerequisites

```bash
pip install requests beautifulsoup4 urllib3 lxml
```

**Recommended tools:**

- `Burp Suite Community/Pro` — Web proxy and scanner
- `OWASP ZAP` — Open-source web scanner
- `sqlmap` — Automated SQL injection (authorized use only)
- `Nikto` — Web server scanner
- `ffuf / feroxbuster` — Web fuzzer
- `jwt_tool` — JWT analysis and manipulation

---

## Core Capabilities

### 1. OWASP Top 10 Assessment

**When the user asks to assess fo...

Details

Author: Masriyan
Repository: Masriyan/Claude-Code-CyberSecurity-Skill
Created: 3 months ago
Last Updated: today
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

API & Backend Solid

performing-security-testing

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

2,266 Updated today
jeremylongshore
Testing & QA Featured

web-security-testing

Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.

39,227 Updated today
sickn33
Testing & QA Featured

web-security-testing

Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.

27,681 Updated today
davila7
Testing & QA Listed

web-security-testing

Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.

335 Updated today
aiskillstore
AI & Automation Solid

owasp-security-scanner

Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.

1,034 Updated today
a5c-ai